W3C home > Mailing lists > Public > public-xg-webid@w3.org > March 2011

Re: WebID Test Suite

From: bergi <bergi@axolotlfarm.org>
Date: Sun, 27 Mar 2011 17:37:30 +0200
Message-ID: <4D8F59BA.6080300@axolotlfarm.org>
To: Henry Story <henry.story@bblfish.net>
CC: public-xg-webid@w3.org


Am 24.03.2011 00:08, schrieb Henry Story:
> 
> On 23 Mar 2011, at 23:55, bergi wrote:
> 
>> Am 23.03.2011 10:24, schrieb Henry Story:
>>>
>>> On 23 Mar 2011, at 10:16, Michael Hausenblas wrote:
>>>
>>>>
>>>> KUTGW, Bergi!
>>>>
>>>>> Next one might wonder if having such a service return the same information in machine readable format (RDF) would not also be useful... If it is we could agree on an ontology. Any ideas here?
>>>>
>>>> Please let's not reinvent the wheel. There are existing vocabs for describing tests [1] and reporting [2], see for example the RDFa Test Suite for how it's used ...
>>
>> A JUnit integration would be nice. I will have a look at that.
>>
>>>
>>> Of course, one should not re-invent the test ontology :-)
>>>
>>> I meant to ask if anyone had any ideas on what use it would be to publish a machine readable version of a failed login, and the precise causes of it:
>>>  - cert wrong
>>>  - could not connect to host, (due to ... )
>>>  - foaf profile wrong,...
>>>  - [for a later time: access control restrictions failed]
>>
>> Sure, that would be much better. I was already thinking about a better
>> machine readable output format. At the weekend I should have time to add
>> this feature to my login component and adapt my test suite.
> 
> I think that if we can have a good ontology of such errors then we can get two things in one go:
>   - a test end point to test any agent's certificate
>   - a method to test those endpoints by sending in random ways known good or bad requests and verifying that the endpoint answers correctly.
> 
> The good thing is that every implementation can participate in building such testers.

Yesterday I had a look at the evaluation and report language schema and
was thinking about the missing part for the webid tests. I have created
a proposal for a generic authentication schema [1].

Here are some examples [2] how the output could look like. The
'TestResult' gets a new child 'Authentication'. The 'Authentication'
itself can have a 'Status' or the 'Status' can be assigned to an 'ID'.
In the WebID case a missing x509v3 san uri extension can be represented
with a 'Failure' (sub property of 'Status') as a child of
'Authentication'. If the WebID certificate contains multiple uris each
'ID' can have it's own 'Status'.

If you're confused, just have a look at the examples.

The schema also contains some user/password authentification stuff.


[1] http://ns.bergnet.org/rdf/authentication/0.1/index.rdf.xml
[2] http://ns.bergnet.org/rdf/authentication/0.1/example.rdf.xml

> 
> Night!
> 
>>>
>>> Henry
>>>
>>>> Cheers,
>>>> 	Michael
>>>>
>>>> [1] http://www.w3.org/2006/03/test-description
>>>> [2] http://www.w3.org/TR/EARL10-Schema/
>>>> [3] http://rdfa.digitalbazaar.com/test-suite/manifest.ttl
>>>> --
>>>> Dr. Michael Hausenblas, Research Fellow
>>>> LiDRC - Linked Data Research Centre
>>>> DERI - Digital Enterprise Research Institute
>>>> NUIG - National University of Ireland, Galway
>>>> Ireland, Europe
>>>> Tel. +353 91 495730
>>>> http://linkeddata.deri.ie/
>>>> http://sw-app.org/about.html
>>>>
>>>> On 23 Mar 2011, at 09:08, Henry Story wrote:
>>>>
>>>>> Hi Bergi,
>>>>>
>>>>> great to see some progress being made on this issue.
>>>>>
>>>>> A few questions:
>>>>>
>>>>> - what is the licence for the code? BSD/Apache or GNU would be great.
>>
>> GPL
>>
>>>>>
>>>>> - I am not quite sure what you are testing here. Well, it seems like you are testing the validity of a particular webid certificate, to see if it matches the foaf file. ie: if it would authenticate you. This would be somewhat similar then to the foaf.me simple login page
>>>>> http://foaf.me/entry.php
>>
>> My test suite generates webids, publishes rdfs and tries to authenticate
>> against an endpoint. It's the opposite of the simple login page. I just
>> wanted to test my own webid login implementation:
>>
>> https://www.axolotlfarm.org/svn/bergi/bergnet/php/login-webid/trunk/
>> https://www.axolotlfarm.org/svn/bergi/bergnet/php/commons/trunk/
>>
>>>>> I suppose all implementations should have a component of this kind, to help the developers of the component, administrators and users work out why someone cannot log it. Is it their certificate that is wrong? Their foaf? Which part of each? and so on.
>>>>>
>>>>> But if that is the case then the User Interface to your component could be a lot simpler. You just need to set it up as a service, and people can go to the certificate test page, and try to log in with their browser. You could then have a page which goes into details in human readable form about what failed or succeeded.
>>>>>
>>>>> Next one might wonder if having such a service return the same information in machine readable format (RDF) would not also be useful... If it is we could agree on an ontology. Any ideas here?
>>
>> I was already thinking about a test suite servlet. But, as it's not a
>> login endpoint, to test other endpoints. A common machine readable
>> format will be necessary. My next version will include a rdf proposal.
>>
>>>>>
>>>>>
>>>>> 	Henry
>>>>>
>>>>> On 22 Mar 2011, at 23:20, bergi wrote:
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> I have created a little WebID test suite. It's based on JUnit and apache
>>>>>> HttpClient. To test your own webid implementation you have to create an
>>>>>> endpoint which outputs all valid agents comma seperated. In the
>>>>>> default.properties file you have to change the endpoint to your own url,
>>>>>> the endpoint certificate to your own certificate in pem format. The
>>>>>> publish base url and path must point to a folder which is accessable via
>>>>>> your local file system and http. I'm using a local apache with a hacked
>>>>>> hosts file. Currently the following tests are included:
>>>>>> 	- Default (single entry in subjectAtlNames)
>>>>>> 	- MissingRdf (404 http error)
>>>>>> 	- MultipleIDs (two entries in subjectAltNames)
>>>>>> 	- WrongModulus (wrong modulus in rdf)
>>>>>> 	- WrongPublicExponent (wrong public exponent in rdf)
>>>>>>
>>>>>> Issue:
>>>>>> http://www.w3.org/2005/Incubator/webid/track/issues/9
>>>>>>
>>>>>> Download:
>>>>>> https://www.axolotlfarm.org/~bergi/projects/commons/test-webid-20110322.zip
>>>>>>
>>>>>> Regards,
>>>>>> the bergi
>>>>>>
>>>>>>
>>>>>
>>>>> Social Web Architect
>>>>> http://bblfish.net/
>>>>>
>>>>>
>>>>
>>>
>>> Social Web Architect
>>> http://bblfish.net/
>>>
>>>
> 
> Social Web Architect
> http://bblfish.net/
> 
> 
Received on Sunday, 27 March 2011 15:38:06 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Sunday, 27 March 2011 15:38:07 GMT